Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Anonymity, unobservability, and pseudeonymity — a proposal for terminology
International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
A Reputation System to Increase MIX-Net Reliability
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Synchronous batching: from cascades to free routes
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Probabilistic analysis of onion routing in a black-box model
Proceedings of the 2007 ACM workshop on Privacy in electronic society
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Quantifying maximal loss of anonymity in protocols
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Quantification of Anonymity for Mobile Ad Hoc Networks
Electronic Notes in Theoretical Computer Science (ENTCS)
Low-latency Mix Using Split and Merge Operations
Journal of Network and Systems Management
Trust in crowds: probabilistic behaviour in anonymity protocols
TGC'10 Proceedings of the 5th international conference on Trustworthly global computing
Relations among privacy notions
ACM Transactions on Information and System Security (TISSEC)
Probable innocence in the presence of independent knowledge
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Beyond TOR: the truenyms protocol
SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Probabilistic analysis of onion routing in a black-box model
ACM Transactions on Information and System Security (TISSEC)
Hang with your buddies to resist intersection attacks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Many applications of mix networks such as anonymousWeb browsing require relationship anonymity: it should be hard for the attacker to determine who is communicating with whom. Conventional methods for measuring anonymity, however, focus on sender anonymity instead. Sender anonymity guarantees that it is difficult for the attacker to determine the origin of any given message exiting the mix network, but this may not be sufficient to ensure relationship anonymity. Even if the attacker cannot identify the origin of messages arriving to some destination, relationship anonymity will fail if he can determine with high probability that at least one of the messages originated from a particular sender, without necessarily being able to recognize this message among others. We give a formal definition and a calculation methodology for relationship anonymity. Our techniques are similar to those used for sender anonymity, but, unlike sender anonymity, relationship anonymity is sensitive to the distribution of message destinations. In particular, Zipfian distributions with skew values characteristic of Web browsing provide especially poor relationship anonymity. Our methodology takes route selection algorithms into account, and incorporates information-theoretic metrics such as entropy and min-entropy. We illustrate our methodology by calculating relationship anonymity in several simulated mix networks.